WO2021025631A1 - A method for generating digital signatures - Google Patents
A method for generating digital signatures Download PDFInfo
- Publication number
- WO2021025631A1 WO2021025631A1 PCT/TR2019/050648 TR2019050648W WO2021025631A1 WO 2021025631 A1 WO2021025631 A1 WO 2021025631A1 TR 2019050648 W TR2019050648 W TR 2019050648W WO 2021025631 A1 WO2021025631 A1 WO 2021025631A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- generating
- private key
- generated
- digital signature
- images
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 35
- 238000010586 diagram Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3066—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
- H04L9/3073—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/065—Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
- H04L9/0656—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
- H04L9/0662—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/16—Obfuscation or hiding, e.g. involving white box
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/20—Manipulating the length of blocks of bits, e.g. padding or block truncation
Definitions
- the present invention is related to a method for generating digital signatures using white box cryptography.
- White-box cryptography (Ref: Chow, Stanley, et al. "White-box cryptography and an AES implementation.” International Workshop on Selected Areas in Cryptography. Springer, Berlin, Heidelberg, 2002.) aims at providing a practical degree of protection against these so-called white-box attacks. While, white-box cryptosystems for symmetric key encryption are studied extensively, as far as digital signatures are of concern we see that only a few white-box proposals do exist.
- patent document CN 106612182A One exemplary embodiment for such application is disclosed in patent document CN 106612182A.
- one-time digital signatures allow to generate signatures without heavy public key operations like modular exponentiation. It simply works first by generating pre images and then computing hash value of these as the hash images.
- the one-time digital signature of a given message is just a computed subset of pre images which can be easily verified by receivers by computing the hash of these and compare them with the already received hash image values.
- the one-time digital signature concept is well-known and well- understood, the challenge of improving its security against a white-box attacker has not been explored previously.
- the present invention provides a method for generating digital signatures.
- Said method comprises the steps of, generating at least one private key; generating at least one table by using said private key in at least one white box cryptosystem; generating at least one random number; generating pre images, each of which to be used in a digital signature, by encrypting said random numbers using the generated table in at least one white box cryptosystem; generating at least one digital signature by using at least one generated pre image.
- the object of the invention is to provide a method for generating digital signatures.
- Another object of the invention is to provide a method for generating one time digital signatures.
- Another object of the invention is to provide a method for generating digital signatures using white box cryptosystem.
- Another object of the invention is to provide a secure method for generating digital signatures.
- Another object of the invention is to provide a method for generating multitude of (possibly infinite number of) one time digital signatures.
- FIG. 1 shows a flow diagram of the digital signature generation method of the invention.
- the references in the figures may possess following meanings;
- Digital signature generation method of the present invention comprises the steps of, generating at least one private key (101); generating at least one table (102) by using said private key in at least one white box cryptosystem; generating at least one random number (103); generating pre images (104), each of which to be used in a digital signature, by encrypting said random numbers using the generated table in at least one white-box cryptosystem; generating at least one digital signature by using at least one generated pre image.
- a private key (for example a symmetric key) is generated by any methods known in the art.
- at least one white box cryptosystem at least one table is generated by using said private key.
- said table is generated.
- At least one random number is generated.
- said random numbers are encrypted.
- plurality of pre images are generated.
- each of the said pre images are generated by encrypting a random number with the generated table and the chosen white-box crypto system.
- One of the white-box crypto system is given in Bogdanov, Andrey, and Takanori Isobe.
- pre images are used in a digital signature.
- a message (M) is able to be signed (105) using said pre images.
- each of said pre images are able to be used in one time digital signatures.
- said method comprises the step of deleting the private key (107) after the step of generating table (102). Since the private key is only used for generating table (102), said private key has no use after the table is generated. Therefore, in order to eliminate the risk of un-authorized access to the private key by a malicious third party, private key is deleted securely.
- step of generating at least one table (102) by using said private key in at least one white box cryptosystem may be repeated using at least one different white box cryptosystem.
- different table is generated. Therefore, number of generated pre images are increased.
- said method comprises the step of generating hash images (106) by standard hashing operation (for example by using SHA-256 algorithm) the pre images.
- a hash image is generated for each of the pre images.
- hash image corresponding to said pre image is used as public key for said digital signature. Therefore, any third party is able to examine the authenticity of a signed message (M) using the hash images (due to the nature of hashing algorithms, a hash image corresponds to a pre image).
- step of generating at least one random number (103) comprises the steps of, generating at least one random seed; adding at least one counter value to generated seed to generate at least one random number.
- the counter value is preferably increased by one for the generation of a new random number.
- the counter value is 0 for generating a first random number; the counter value is 1 for generating a second random number and this goes on until all random numbers are generated.
- said method comprises the step of erasing at least one pre image (108) used in at least one digital signature, after the step of generating at least one digital signature by using at least one generated pre image.
- the white-box attacker could only access the pre images in a short amount of time (just after pre images are generated but before they are used). Note that the white-box attacker could not access the private key in any way. Generating the pre images just before they are used and erasing them shortly after reduces significantly the damage caused by a white-box attacker.
Abstract
The present invention provides a method for generating digital signatures. Said method comprises the steps of, generating at least one private key (101); generating at least one table (102) by using said private key in at least one white box cryptosystem; generating at least one random number (103); generating pre images (104), each of which to be used in a digital signature, by encrypting said random numbers using the generated table in at least one white box cryptosystem; generating at least one digital signature by using at least one generated pre image.
Description
A METHOD FOR GENERATING DIGITAL SIGNATURES
Technical Field
The present invention is related to a method for generating digital signatures using white box cryptography.
Prior Art
In the digital world, it is easy to modify soft digital files (soft copy documents). Although this feature is advantageous in different aspects (for example correcting an error becomes easy), said feature also causes security issues. Since it is easy to modify digital files, determining the authenticity of a digital file becomes troublesome. In order to solve this problem, different authentication applications are used.
One of the authentication applications used in the art is usage of digital signatures. In these applications, files are signed with a private key to obtain digital signatures. These signatures prevent modification of the files without the knowledge of the private key. Therefore, digitally signed files are considered to be as authentic as hard copy files.
In order to trust the authenticity of a digitally signed document, used digital signature must be a secure one. In other words, an attacker (such as a malicious third party) should not generate a valid digital signature for a modified (forged) file.
In order to provide necessary security for digital file by preventing an attacker to generate a digital signature, a variety of digital signatures could be used. In all these applications, all files are signed with a single private key. The holder of the private key could generate a digital signature for any file he wants. Although digital signatures solve above mentioned security problems, protecting the private key against attackers remains a challenge.
This challenge of protecting the cryptographic keys is more evident in implementations where an attacker has the full control of the execution environment. White-box cryptography (Ref: Chow, Stanley, et al. "White-box cryptography and an AES
implementation." International Workshop on Selected Areas in Cryptography. Springer, Berlin, Heidelberg, 2002.) aims at providing a practical degree of protection against these so-called white-box attacks. While, white-box cryptosystems for symmetric key encryption are studied extensively, as far as digital signatures are of concern we see that only a few white-box proposals do exist. One exemplary embodiment for such application is disclosed in patent document CN 106612182A.
Unlike conventional digital signature algorithms like RSA (Rivest, Ronald L, Adi Shamir, and Leonard Adleman. "A method for obtaining digital signatures and public-key cryptosystems." Communications of the ACM 21.2 (1978): 120-126.), one-time digital signatures allow to generate signatures without heavy public key operations like modular exponentiation. It simply works first by generating pre images and then computing hash value of these as the hash images. The one-time digital signature of a given message is just a computed subset of pre images which can be easily verified by receivers by computing the hash of these and compare them with the already received hash image values. Although, the one-time digital signature concept is well-known and well- understood, the challenge of improving its security against a white-box attacker has not been explored previously.
Brief Description of the Invention
The present invention provides a method for generating digital signatures. Said method comprises the steps of, generating at least one private key; generating at least one table by using said private key in at least one white box cryptosystem; generating at least one random number; generating pre images, each of which to be used in a digital signature, by encrypting said random numbers using the generated table in at least one white box cryptosystem; generating at least one digital signature by using at least one generated pre image.
According to the present invention, digital signatures are generated using at least one private key in a white box cryptosystem. Moreover, for the generation of each of the pre images, to be used as digital signatures, random numbers are used. Therefore, according to the present invention, unlimited numbers of pre images are able to be generated using a single private key. Moreover, due to the nature of the white box cryptography and usage of random numbers, the private key is protected against possible attackers.
Object of the Invention
The object of the invention is to provide a method for generating digital signatures.
Another object of the invention is to provide a method for generating one time digital signatures.
Another object of the invention is to provide a method for generating digital signatures using white box cryptosystem.
Another object of the invention is to provide a secure method for generating digital signatures.
Another object of the invention is to provide a method for generating multitude of (possibly infinite number of) one time digital signatures.
Description of the Drawings
Figure 1 shows a flow diagram of the digital signature generation method of the invention. The references in the figures may possess following meanings;
Message (M)
Generating private key (101)
Generating table (102)
Generating random number (103)
Generating pre images (104)
Signing (105)
Generating hash images (106) Deleting private key (107) Erasing pre image (108)
Description of the Invention
One of the methods for authenticating digital files is signing said files with digital signatures. In order to guarantee the authenticity of a digitally signed document, used digital signature must be a secure one. In other words, an attacker should not have access to the private key used in said digital signature. In order to enhance the security of the digital signatures against the possible attackers or for variety of other reasons, hash- function based one time digital signatures could be preferred. Although one time digital signatures hold various advantages, protecting security of the private key is troublesome. Therefore, according to the present invention, a method for generating the digital signature and protecting private key is provided.
Digital signature generation method of the present invention, a flow diagram of which is given in Figure 1, comprises the steps of, generating at least one private key (101); generating at least one table (102) by using said private key in at least one white box cryptosystem; generating at least one random number (103); generating pre images (104), each of which to be used in a digital signature, by encrypting said random numbers using the generated table in at least one white-box cryptosystem; generating at least one digital signature by using at least one generated pre image.
In an exemplary embodiment of the present invention, a private key (for example a symmetric key) is generated by any methods known in the art. In at least one white box cryptosystem, at least one table is generated by using said private key. In other words, by performing at least one known table generation method in a known white box cryptography method on the private key, said table is generated. At least one random number is generated. By using the generated table, said random numbers are encrypted. As a result of said encryption process, plurality of pre images are generated. In detail, each of the said pre images are generated by encrypting a random number with the generated table and the chosen white-box crypto system. One of the white-box crypto system is given in Bogdanov, Andrey, and Takanori Isobe. "White-box cryptography revisited: space-hard ciphers." Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, 2015. Generated pre images are used in a digital signature. For example, a message (M) is able to be signed (105) using said pre images. According to the present invention, since plurality of pre images are generated by using a private key, each of said pre images are able to be used in one time digital signatures.
In a preferred embodiment of the present invention, said method comprises the step of deleting the private key (107) after the step of generating table (102). Since the private key is only used for generating table (102), said private key has no use after the table is generated. Therefore, in order to eliminate the risk of un-authorized access to the private key by a malicious third party, private key is deleted securely.
In another preferred embodiment of the present invention, step of generating at least one table (102) by using said private key in at least one white box cryptosystem may be repeated using at least one different white box cryptosystem. In this embodiment, by using different white box cryptosystem, different table is generated. Therefore, number of generated pre images are increased.
In another preferred embodiment of the present invention, said method comprises the step of generating hash images (106) by standard hashing operation (for example by using SHA-256 algorithm) the pre images. In this embodiment, a hash image is generated for each of the pre images. When a pre image is used as a digital signature, hash image corresponding to said pre image is used as public key for said digital signature. Therefore, any third party is able to examine the authenticity of a signed message (M) using the hash images (due to the nature of hashing algorithms, a hash image corresponds to a pre image).
By increasing the number of pre-images and hash images and assigning special pre images and message (M) relations, virtually unlimited number of digital signatures corresponding to unlimited number of different messages (M) could be generated. One of the known applications for this type of relation (digital signature and public key relation) is given in Buchmann, Johannes, et al. "Merkle signatures with virtually unlimited signature capacity." International Conference on Applied Cryptography and Network Security. Springer, Berlin, Heidelberg, 2007.
In another preferred embodiment of the present invention, step of generating at least one random number (103) comprises the steps of, generating at least one random seed; adding at least one counter value to generated seed to generate at least one random number. In this embodiment, the counter value is preferably increased by one for the generation of a new random number. In an exemplary embodiment, the counter value is 0
for generating a first random number; the counter value is 1 for generating a second random number and this goes on until all random numbers are generated.
In another preferred embodiment of the present invention, said method comprises the step of erasing at least one pre image (108) used in at least one digital signature, after the step of generating at least one digital signature by using at least one generated pre image. By this way, the white-box attacker could only access the pre images in a short amount of time (just after pre images are generated but before they are used). Note that the white-box attacker could not access the private key in any way. Generating the pre images just before they are used and erasing them shortly after reduces significantly the damage caused by a white-box attacker.
According to the present invention, digital signatures are generated using at least one private key in a white box cryptosystem (the private key of the digital signature corresponds to the symmetric key of the white box cryptosystem). Moreover, for the generation of each of the pre images, to be used as digital signatures, a random number is used as well. Therefore, according to the present invention, unlimited numbers pre images are able to be generated using a single private key. Moreover, due to the nature of the white box cryptography and usage of random numbers, each of the pre images are protected against possible attackers.
Claims
1. A method for generating digital signatures characterized by comprising the steps of; generating at least one private key (101); generating at least one table (102) by using said private key in at least one white box cryptosystem; generating at least one random number (103); generating pre images (104), each of which to be used in a digital signature, by encrypting said random numbers using the generated table in at least one white-box cryptosystem generating at least one digital signature by using at least one generated pre image.
2. A method according to claim 1 , wherein said method further comprises the step of deleting the private key (107) after the step of generating table (102).
3. A method according to claim 1, wherein step of generating at least one table (102) by using said private key in at least one white box cryptosystem is repeated using at least one different white box cryptosystem.
4. A method according to claim 1 , wherein said method further comprises the step of generating hash images (106) by hashing the pre images which corresponds to one-time public key to be used to verify one-time digital signature.
5. A method according to claim 4, wherein SHA-256 algorithm used for generating hash images (106).
6. A method according to claim 1, wherein step of generating at least one random number (103) comprises the steps of, generating at least one random seed; adding an output at least one counter to generated seed to generate at least one random number.
7. A method according to claim 1, wherein said private key is a symmetric key.
8. A method according to claim 1, wherein said method further comprises the step of erasing at least one pre image (108) used in at least one digital signature, after the step of generating at least one digital signature by using at least one generated pre image
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/TR2019/050648 WO2021025631A1 (en) | 2019-08-05 | 2019-08-05 | A method for generating digital signatures |
US17/627,769 US20220329439A1 (en) | 2019-08-05 | 2019-08-05 | Method for generating digital signatures |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/TR2019/050648 WO2021025631A1 (en) | 2019-08-05 | 2019-08-05 | A method for generating digital signatures |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2021025631A1 true WO2021025631A1 (en) | 2021-02-11 |
Family
ID=74502811
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/TR2019/050648 WO2021025631A1 (en) | 2019-08-05 | 2019-08-05 | A method for generating digital signatures |
Country Status (2)
Country | Link |
---|---|
US (1) | US20220329439A1 (en) |
WO (1) | WO2021025631A1 (en) |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2011120125A1 (en) * | 2010-03-31 | 2011-10-06 | Irdeto Canada Corporation | System and method for protecting cryptographic assets from a white-box attack |
US20120311338A1 (en) * | 2011-06-03 | 2012-12-06 | Apple Inc. | Secure authentication of identification for computing devices |
GB2538022A (en) * | 2016-08-20 | 2016-11-02 | Tomlinson Martin | Multiple secrets in quorum based data processing |
CN108259506A (en) * | 2018-02-08 | 2018-07-06 | 上海交通大学 | SM2 whitepack password implementation methods |
US20180262343A1 (en) * | 2017-03-08 | 2018-09-13 | Idemia Identity & Security France | Method for electronic signing of a documen with a predetermined secret key |
EP3376705A1 (en) * | 2017-03-17 | 2018-09-19 | Koninklijke Philips N.V. | Elliptic curve point multiplication device and method in a white-box context |
EP3493456A1 (en) * | 2017-12-01 | 2019-06-05 | Gemalto Sa | Cryptography device having improved security against side-channel attacks |
Family Cites Families (37)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4717329B2 (en) * | 2003-03-14 | 2011-07-06 | キヤノン株式会社 | Digital signature generator |
CN101167114A (en) * | 2005-04-28 | 2008-04-23 | 松下电器产业株式会社 | Program converter, encrypting device, and encrypting method |
CA2591280A1 (en) * | 2007-06-12 | 2008-12-12 | Nikolajs Volkova | A new digital signature scheme |
KR101744748B1 (en) * | 2011-01-05 | 2017-06-09 | 한국전자통신연구원 | Contents protection, encryption and decryption apparatus using white-box cryptography |
AU2011363942B2 (en) * | 2011-03-31 | 2017-02-09 | Irdeto B.V. | Method and system for protecting execution of cryptographic hash functions |
US20130091353A1 (en) * | 2011-08-01 | 2013-04-11 | General Instrument Corporation | Apparatus and method for secure communication |
US20150172050A1 (en) * | 2013-12-12 | 2015-06-18 | Nxp B.V. | Random data from gnss signals and secure random value provisioning for secure software component implementations |
RU2710897C2 (en) * | 2014-08-29 | 2020-01-14 | Виза Интернэшнл Сервис Ассосиэйшн | Methods for safe generation of cryptograms |
US9774443B2 (en) * | 2015-03-04 | 2017-09-26 | Apple Inc. | Computing key-schedules of the AES for use in white boxes |
WO2016155565A1 (en) * | 2015-03-30 | 2016-10-06 | Jintai Ding | Improvements on multivariate digital signature schemes based on hfev- and new applications of multivariate digital signature schemes for white-box encryption |
US20170063550A1 (en) * | 2015-04-23 | 2017-03-02 | Keith J Brodie | Secure Digital Signature Apparatus and Methods |
US9800418B2 (en) * | 2015-05-26 | 2017-10-24 | Infosec Global Inc. | Signature protocol |
KR101914453B1 (en) * | 2015-10-29 | 2018-11-02 | 삼성에스디에스 주식회사 | Apparatus and method for encryption |
KR101989956B1 (en) * | 2015-10-29 | 2019-06-17 | 삼성에스디에스 주식회사 | Apparatus and method for encryption |
KR101815175B1 (en) * | 2016-05-27 | 2018-01-04 | 삼성에스디에스 주식회사 | Apparatus and method for data encryption, apparatus and method for data decryption |
US10778654B2 (en) * | 2016-09-16 | 2020-09-15 | Arris Enterprises Llc | Method and apparatus for protecting confidential data in an open software stack |
US10142298B2 (en) * | 2016-09-26 | 2018-11-27 | Versa Networks, Inc. | Method and system for protecting data flow between pairs of branch nodes in a software-defined wide-area network |
KR101924067B1 (en) * | 2016-10-28 | 2019-02-22 | 삼성에스디에스 주식회사 | Apparatus and method for encryption |
EP3334083A1 (en) * | 2016-12-08 | 2018-06-13 | Gemalto SA | Method of rsa signature or decryption protected using a homomorphic encryption |
MX2019008264A (en) * | 2017-01-09 | 2020-01-27 | Arris Entpr Llc | Homomorphic white box system and method for using same. |
US10985905B2 (en) * | 2017-01-09 | 2021-04-20 | Arris Enterprises Llc | Strong fully homomorphic white-box and method for using same |
GB201703864D0 (en) * | 2017-03-10 | 2017-04-26 | Irdeto Bv | Secured system operation |
EP3379769A1 (en) * | 2017-03-21 | 2018-09-26 | Gemalto Sa | Method of rsa signature or decryption protected using multiplicative splitting of an asymmetric exponent |
US10511436B1 (en) * | 2017-07-31 | 2019-12-17 | EMC IP Holding Company LLC | Protecting key material using white-box cryptography and split key techniques |
US11269993B2 (en) * | 2017-08-10 | 2022-03-08 | Sony Corporation | Encryption device, encryption method, decryption device, and decryption method |
WO2019031026A1 (en) * | 2017-08-10 | 2019-02-14 | ソニー株式会社 | Encryption device, encryption method, decryption device, and decryption method |
US10516541B2 (en) * | 2017-09-13 | 2019-12-24 | Nxp B.V. | Nonce to message binding in digital signature generation |
EP3493460A1 (en) * | 2017-12-01 | 2019-06-05 | Gemalto Sa | Cryptography device having secure provision of random number sequences |
EP3506558A1 (en) * | 2017-12-28 | 2019-07-03 | Koninklijke Philips N.V. | Whitebox computation of keyed message authentication codes |
KR102582094B1 (en) * | 2018-03-29 | 2023-09-22 | 비자 인터네셔널 서비스 어소시에이션 | Consensus-based online authentication |
US20210036864A1 (en) * | 2018-03-29 | 2021-02-04 | Agency For Science, Technology And Research | Method and system for generating a keccak message authentication code (kmac) based on white-box implementation |
EP3861472A4 (en) * | 2018-10-04 | 2021-12-01 | Visa International Service Association | Leveraging multiple devices to enhance security of biometric authentication |
CN113260993B (en) * | 2018-12-03 | 2024-03-01 | 纳格拉影像有限公司 | Secure deployment and operation of virtual platform systems |
EP3709561A1 (en) * | 2019-03-14 | 2020-09-16 | Thales Dis France SA | Method for generating a digital signature of an input message |
EP3713148B1 (en) * | 2019-03-22 | 2022-08-03 | Giesecke+Devrient Mobile Security GmbH | White-box ecc implementation |
US11277406B2 (en) * | 2019-06-28 | 2022-03-15 | Intel Corporation | MTS-based mutual-authenticated remote attestation |
KR102364652B1 (en) * | 2019-08-01 | 2022-02-21 | 한국전자통신연구원 | APPARATUS AND METHOD FOR AUTHENTICATING IoT DEVICE BASED ON PUF USING WHITE-BOX CRYPTOGRAPHY |
-
2019
- 2019-08-05 US US17/627,769 patent/US20220329439A1/en active Pending
- 2019-08-05 WO PCT/TR2019/050648 patent/WO2021025631A1/en active Application Filing
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2011120125A1 (en) * | 2010-03-31 | 2011-10-06 | Irdeto Canada Corporation | System and method for protecting cryptographic assets from a white-box attack |
US20120311338A1 (en) * | 2011-06-03 | 2012-12-06 | Apple Inc. | Secure authentication of identification for computing devices |
GB2538022A (en) * | 2016-08-20 | 2016-11-02 | Tomlinson Martin | Multiple secrets in quorum based data processing |
US20180262343A1 (en) * | 2017-03-08 | 2018-09-13 | Idemia Identity & Security France | Method for electronic signing of a documen with a predetermined secret key |
EP3376705A1 (en) * | 2017-03-17 | 2018-09-19 | Koninklijke Philips N.V. | Elliptic curve point multiplication device and method in a white-box context |
EP3493456A1 (en) * | 2017-12-01 | 2019-06-05 | Gemalto Sa | Cryptography device having improved security against side-channel attacks |
CN108259506A (en) * | 2018-02-08 | 2018-07-06 | 上海交通大学 | SM2 whitepack password implementation methods |
Non-Patent Citations (1)
Title |
---|
QI FENG ET AL.: "White-Box Implementation of Shamir's Identity-Based Signature Scheme", IEEE SYSTEMS JOURNAL, vol. 14, no. Issue: 2, June 2020 (2020-06-01), pages 1820 - 1829, XP011790885, [retrieved on 20190509], DOI: 10.1109/JSYST.2019.2910934 * |
Also Published As
Publication number | Publication date |
---|---|
US20220329439A1 (en) | 2022-10-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20220141038A1 (en) | Method of rsa signature or decryption protected using a homomorphic encryption | |
Dang | Recommendation for applications using approved hash algorithms | |
US9009481B2 (en) | System and method for protecting cryptographic assets from a white-box attack | |
CA2698000C (en) | Signatures with confidential message recovery | |
US7730315B2 (en) | Cryptosystem based on a Jacobian of a curve | |
Dent | Hybrid signcryption schemes with insider security | |
US9800418B2 (en) | Signature protocol | |
JP2008252299A (en) | Encryption processing system and encryption processing method | |
US11063743B2 (en) | Method of RSA signature of decryption protected using assymetric multiplicative splitting | |
US20100318804A1 (en) | Scheme of applying the modified polynomial-based hash function in the digital signature algorithm based on the division algorithm | |
US7043015B2 (en) | Methods for point compression for Jacobians of hyperelliptic curves | |
CN110784300B (en) | Secret key synthesis method based on multiplication homomorphic encryption | |
Heninger | RSA, DH, and DSA in the Wild | |
Feng et al. | White-box implementation of Shamir’s identity-based signature scheme | |
Kumar et al. | An efficient implementation of digital signature algorithm with SRNN public key cryptography | |
US20070113083A1 (en) | System and method of message authentication | |
WO2013004691A1 (en) | Traitor tracing for software-implemented decryption algorithms | |
Shankar et al. | Improved Multisignature Scheme for Authenticity of Digital Document in Digital Forensics Using Edward-Curve Digital Signature Algorithm | |
Saho et al. | Securing document by digital signature through RSA and elliptic curve cryptosystems | |
KR100431047B1 (en) | Digital signature method using RSA public-key cryptographic based on CRT and apparatus therefor | |
US7519178B1 (en) | Method, system and apparatus for ensuring a uniform distribution in key generation | |
US20220329439A1 (en) | Method for generating digital signatures | |
Wang et al. | Signature schemes based on two hard problems simultaneously | |
CA2306468A1 (en) | Signature verification for elgamal schemes | |
Terrance et al. | In-depth Analysis of the Performance of RSA and ECC in Digital Signature Application |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 19940599 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 19940599 Country of ref document: EP Kind code of ref document: A1 |